
Monday, February 21, 2011

Bypass Login using SQL Injection

                                                        
For example, suppose a site has a login form for its control panel and only registered users are allowed to enter. Many times we want to log in without such authentication, i.e. bypass the security barriers. If the programmer has properly sanitized the login script, you would be lucky to get in. Otherwise, you may be able to log in without knowing the actual username and password. This method works against the database server behind the form, hence the term 'SQL Injection'.
Let's consider an example where the username 'administrator' and the password 'pass123' are used to log in to the site. The authentication check can be expressed in SQL as
SELECT USER from database WHERE username='administrator' AND password='pass123';
If you run this query with those values, it evaluates to true and you log in successfully.
If the input that goes into this query is not properly sanitized by the programmer, it opens the door for hackers.
So if you try the following combinations, you would be able to log in without knowing the actual username and password:
username: 'or1='1  password: 'or1='1
username: 'or'1'='1'  password: 'or'1'='1'
username: or1=1  password: or1=1
That's all about bypassing login.
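
An added example, not from the original post: the login check above built by string concatenation, beside the same check with bound parameters, run against an in-memory SQLite table. The table name `users`, the function names and the constructed tautology input are assumptions made for illustration.

```python
import sqlite3

def make_db():
    # Constructed sample table holding the post's example account.
    # Plaintext password only to mirror the post's query; real systems
    # store a salted password hash instead.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT PRIMARY KEY, password TEXT)")
    db.execute("INSERT INTO users VALUES ('administrator', 'pass123')")
    return db

def login_concat(db, username, password):
    # Vulnerable form: input is pasted into the SQL text, so a quote in
    # the input ends the string literal and the rest is parsed as SQL.
    sql = ("SELECT username FROM users WHERE username='%s' AND password='%s'"
           % (username, password))
    try:
        row = db.execute(sql).fetchone()
    except sqlite3.Error:
        return None  # malformed SQL produced by the input
    return row[0] if row else None

def login_param(db, username, password):
    # Hardened form: placeholders pass the input as data, never as SQL text.
    row = db.execute(
        "SELECT username FROM users WHERE username=? AND password=?",
        (username, password)).fetchone()
    return row[0] if row else None

# Constructed always-true input of the kind listed in the post.
TAUTOLOGY = "' OR '1'='1"

if __name__ == "__main__":
    db = make_db()
    for fn in (login_concat, login_param):
        print(fn.__name__,
              "valid:", fn(db, "administrator", "pass123"),
              "tautology:", fn(db, TAUTOLOGY, TAUTOLOGY))
```

With bound parameters the quote characters are compared literally against the stored values, so the same input matches no row.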


 
